Ontap Select Deploy Administration Utility

DATE	CVE	VULNERABILITY TITLE	RISK
2021-07-30	CVE-2021-37600	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. local low complexity kernel netapp CWE-190	5.5
2021-07-22	CVE-2021-35942	Integer Overflow or Wraparound vulnerability in multiple products The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. network low complexity gnu netapp debian CWE-190 critical	9.1
2021-07-09	CVE-2021-3541	XML Entity Expansion vulnerability in multiple products A flaw was found in libxml2. network low complexity xmlsoft redhat oracle netapp CWE-776	4.0
2021-06-02	CVE-2021-3530	Uncontrolled Recursion vulnerability in multiple products A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. network low complexity gnu netapp CWE-674	7.5
2021-06-02	CVE-2021-3520	Integer Overflow or Wraparound vulnerability in multiple products There's a flaw in lz4. network low complexity lz4-project netapp oracle splunk CWE-190 critical	9.8
2021-06-01	CVE-2021-3516	Use After Free vulnerability in multiple products There's a flaw in libxml2's xmllint in versions before 2.9.11. local low complexity xmlsoft debian fedoraproject redhat netapp oracle CWE-416	7.8
2021-06-01	CVE-2021-23017	Off-by-one Error vulnerability in multiple products A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. network high complexity f5 openresty fedoraproject netapp oracle CWE-193	7.7
2021-05-27	CVE-2020-14301	Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products An information disclosure vulnerability was found in libvirt in versions before 6.3.0. network low complexity redhat netapp CWE-212	4.0
2021-05-26	CVE-2021-25217	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. low complexity isc fedoraproject debian siemens netapp CWE-119	7.4
2021-05-24	CVE-2021-3559	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in libvirt in the virConnectListAllNodeDevices API in versions before 7.0.0. network low complexity redhat netapp CWE-119	4.0